> I am curious about what you guys may have along the lines of best > practices for forwarding from a URL to a login, and then jumping back to > the > original URL automatically. I have several separate applications that all > need to utilize the same login mechanism. I want the user to be able to > enter the URL for the application and if they are not logged in it > redirects > them to a login screen. I already have the sessions junk setup and > understand all of that portion. I am mainly interested in how people are > handling the return to a URL after successful login. > I have done some research on this, and discovered the $HTTP_REFERER > variable however the PHP site discourages using this. I have also thought > of adding code to each page to export an "origin" variable to be passed to > the login page such that it can be used to return the user. I thought of > this method, but I am not real clear on how to manage this. Does anyone > have any suggestion on implementing this, or another alternative that I > have > not touched on yet? Thanks in advance. I use a method like this. When you go to a page, an include file is going to check for a valid session. If a certain session variable does not exist (even though a session is always there), then it "re-creates" the current request using $_SERVER['SERVER_NAME'], $_SERVER['PHP_SELF'], and $_SERVER['QUERY_STRING'] and saves that in the session. When the login is validated, the processing script looks in the session to see if one of these URLs are set. If it is, it redirects to it using header(). To the end user, it's pretty much transparent. I will not deal with POST requests, though, but hopefully that's not a problem. ---John W. Holmes... PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
